Severity by source
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Lifecycle Timeline
1DescriptionCVE.org
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wp Directory Kit WP Directory Kit allows Blind SQL Injection.
This issue affects WP Directory Kit: from n/a through 1.5.0.
AnalysisAI
Blind SQL injection in the WP Directory Kit WordPress plugin (versions up to and including 1.5.0) allows remote unauthenticated attackers to inject SQL commands through improperly neutralized input. With a CVSS 9.3 (scope-changed) rating from Patchstack, successful exploitation can expose sensitive database contents and partially impact availability across the WordPress installation. No public exploit identified at time of analysis and the plugin is not currently listed in CISA KEV.
Technical ContextAI
WP Directory Kit is a WordPress plugin used to build directory listing sites (businesses, members, classifieds). The flaw is classified under CWE-89 (Improper Neutralization of Special Elements used in an SQL Command), meaning user-supplied input is concatenated into SQL queries without proper parameterization or escaping via WordPress's $wpdb->prepare() API. Because the impact is 'blind', the attacker does not receive direct query output and instead infers data via boolean or time-based side channels. The CPE cpe:2.3:a:wp_directory_kit:wp_directory_kit:*:*:*:*:*:*:*:* covers all released versions through 1.5.0.
RemediationAI
No vendor-released patch identified at time of analysis - the Patchstack advisory lists the issue only against versions through 1.5.0 without a confirmed fixed version in the provided data, so administrators should monitor https://patchstack.com/database/wordpress/plugin/wpdirectorykit/vulnerability/wordpress-wp-directory-kit-plugin-1-5-0-sql-injection-vulnerability and the plugin's WordPress.org page and upgrade to any release above 1.5.0 once published. Until a fix is available, deactivate and remove the WP Directory Kit plugin if business-tolerable, since this immediately removes the vulnerable code path at the cost of losing directory functionality. As compensating controls, place the site behind a WAF such as Patchstack mTrap, Wordfence, or Cloudflare with SQLi rules enabled and specifically block requests containing SQL meta-characters to the plugin's AJAX/REST endpoints (note this may break legitimate searches with apostrophes), restrict access to the directory pages to authenticated users via plugin or .htaccess rules where feasible, and rotate WordPress secret keys plus force-reset user passwords if exploitation is suspected because hashed credentials may have been exfiltrated.
More in Wp Directory Kit
View allThe WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'attribute_value' and 'attribute_id' pa
The WP Directory Kit plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1
The WP Directory Kit plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.1.9
The WP Directory Kit plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a m
The WP Directory Kit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search' parameter in
The WP Directory Kit plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including,
Blind SQL injection in the WP Directory Kit WordPress plugin (versions up to and including 1.5.1) allows remote unauthen
Unauthenticated broken access control in the WP Directory Kit WordPress plugin (versions ≤ 1.5.0) allows remote attacker
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpDirectoryKit WP
The WP Directory Kit plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a m
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wpdirectory
The WP Directory Kit plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including,
Same weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-31291
GHSA-q5xx-h8cq-mvvf